GE Bently Nevada 3500/22M

GE Bently Nevada 3500/22M Improper Authorization Vulnerability

CVE-2016-5788

GE has identified an improper authorization vulnerability in the GE Bently Nevada 3500/22M monitoring system. GE has produced a new firmware version to mitigate this vulnerability in the USB version of the GE Bently Nevada 3500/22M monitoring system.

This vulnerability could be exploited remotely.

AFFECTED PRODUCT

The following GE Bently Nevada 3500/22M firmware versions are affected:

  • GE Bently Nevada 3500/22M (USB version), all versions prior to firmware Version 5.0, and
  • GE Bently Nevada 3500/22M (serial version), all versions.

IMPACT

Successful exploitation of the identified vulnerability may allow a remote attacker to gain unauthorized access to the affected device with elevated privileges.

Impact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.

BACKGROUND

GE Bently Nevada is a wholly owned subsidiary of GE, a US-based company that maintains offices in several countries around the world.

The affected product, GE Bently Nevada 3500/22M, is a vibration monitoring system. According to GE, the GE Bently Nevada 3500/22M is deployed across several sectors including Chemical and Energy. GE estimates that these products are used worldwide.

IMPROPER AUTHORIZATION

Several open ports have been identified on the affected device, which allow unauthorized access to the device with elevated privileges.

EXPLOITABILITY

This vulnerability could be exploited remotely.

MITIGATION

GE has released a new firmware version, Version 5.0, for the GE Bently Nevada 3500/22M TDI USB monitoring system. GE’s new firmware can only be applied to the USB version of the GE Bently Nevada 3500/22M monitoring system. Users registered with a GE Bently Nevada Technical Support Agreement can download Version 5.0 and access GE’s Technical Information Letter (TIL-149700250) at:

http://www.bntechsupport.com

Siemens SCALANCE M-800 Web Vulnerability

Siemens SCALANCE M-800/S615 Web Vulnerability

CVE-2016-7090

Exploitation of this vulnerability could allow an attacker in a privileged network position to obtain web session cookies under certain circumstances.

SENSITIVE COOKIE IN HTTPS SESSION WITHOUT “SECURE” ATTRIBUTE

The integrated web server delivers session cookies without the “secure” flag. Modern browsers that honor the flag send the cookie only over HTTPS, which would mitigate potential data leakage in case of clear text transmission.
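
The check below is an added example, not taken from the advisory or from Siemens: it parses `Set-Cookie` header values and reports cookies issued without the Secure attribute, matching on the attribute list rather than on the raw string. The header values are constructed samples and the function names are hypothetical.

```python
# Added example; header values below are constructed, not taken from a device.
SAMPLE_SET_COOKIE = [
    "SESSIONID=3f9a1c; Path=/; HttpOnly",          # no Secure attribute
    "SESSIONID=3f9a1c; Path=/; HttpOnly; SECURE",  # attribute names are case-insensitive
    "theme=secure-dark; Path=/",                   # "secure" appears only in the value
    "lang=en; Secure; Path=/",
]


def parse_set_cookie(raw):
    """Return (name, attrs) for one Set-Cookie value; attrs keys are lower-cased."""
    first, *rest = raw.split(";")
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        key, _, val = part.strip().partition("=")
        if key:
            attrs[key.lower()] = val.strip()
    return name, attrs


def missing_secure(set_cookie_values):
    """Names of cookies whose attribute list lacks Secure."""
    return [name for name, attrs in map(parse_set_cookie, set_cookie_values)
            if "secure" not in attrs]


def with_secure(raw):
    """Corrected header value: append Secure when the attribute is absent."""
    _, attrs = parse_set_cookie(raw)
    return raw if "secure" in attrs else raw.rstrip("; ") + "; Secure"


if __name__ == "__main__":
    for name in missing_secure(SAMPLE_SET_COOKIE):
        print(f"{name}: issued without Secure, may be sent over cleartext HTTP")
```

A plain substring search for "secure" would wrongly pass the third sample, which is why the check parses the attributes first.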

EXPLOITABILITY

This vulnerability could be exploited remotely.

MITIGATION

Siemens provides firmware version V4.2 for SCALANCE M-800/S615 to mitigate this vulnerability. The firmware version can be obtained here:

https://support.industry.siemens.com/cs/ww/en/view/109740858